The course presents the challenges, principles, mechanisms and tools to make software secure. We will discuss the main causes of vulnerabilities and the means to avoid and defend against them. The focus is on secure programming practice, including specifics for various languages, but also covering system-level defenses (architectural approaches and run-time enforcement). We will also apply software analysis and vulnerability detection tools in different scenarios.
Student Learning Outcomes:
- Students will be able to apply and manage secure coding practices throughout software project development
- Students will be able to recognize insecure programming patterns and know how to replace them with secure alternatives
- Students will gain a good comprehension of the landscape of software security vulnerabilities, with specifics for various programming languages and types of software applications
- Students will gain the ability to analyze the security of a software system and convincingly advocate about the significance of vulnerabilities
- Students will know representative tools for software security analysis and testing, use them in practice and understand their capabilities and limitations